Featured Post

Show HN: LegendAI-Amazon Sales Tracker https://ift.tt/Qmk4XB9

Show HN: LegendAI-Amazon Sales Tracker Get Actual Not Estimate Amazon Product Data! Real-Time Amazon Sales and Data Insights. Get accurate s...

Tuesday, April 11, 2023

Show HN: Skip the SSO Tax, access your user data with OSS https://ift.tt/wRjahgY

Show HN: Skip the SSO Tax, access your user data with OSS As the former CTO of an Insurtech and Fintech startup I always had the “pleasure” to keep regulators and auditors happy. Think of documenting who has access to what, quarterly access reviews, yearly audits and so on… Like many others we couldn’t justify the Enterprise-plan for every SaaS tool to simply get access to SSO and SCIM/SAML APIs. For Notion alone the cost would have nearly doubled to $14 per user per month. That’s insane! Mostly unknown to people, SSO Tax also limits access to APIs that are used for managing user access (SCIM/SAML). This has proven to be an incredibly annoying roadblock that prevented me from doing anything useful with our user data: - You want to download the current list of users and their permissions? Forget about it! - You want to centrally assign user roles and permissions? Good luck with that! - You want to delete user accounts immediately? Yeah right, like that's ever gonna happen! It literally cost me hours to update our access matrix at the end of every quarter for our access reviews and manually assigning user accounts and permissions. I figured, there must be a better way than praying to the SaaS gods to miraculously make the SSO Tax disappear (and open up SCIM/SAML along the way). That’s why I sat down a few weeks ago and started building OpenOwl ( https://ift.tt/1nAubKv ). It allows me to just plug in my user credentials and automatically download user lists, including permissions from SaaS tools. Granted, OpenOwl is still a work in progress, and it's not perfect. At the moment it's limited to non-SSO login flows and covers only 7 SaaS vendors. My favorite part is that you can configure integrations as “recipes”. The goal was for anybody to be able to add new integrations (IT managers and developers alike). Therefore you ideally don’t even have to write any new code, just tell OpenOwl how the new SaaS vendor works. What do you think? Have you dealt with manually maintaining a list of users and their permissions? Could this approach get us closer to overcoming parts of the SSO Tax? https://ift.tt/1nAubKv April 11, 2023 at 08:40AM

No comments:

Post a Comment